Blog Tagged
January 8, 2007There have been several security bloggers "tagging" each other this new year and recently I got tagged. Normally, I try to keep this blog fairly technical and product centric. Since I don't ...
Improper Network Segmentation Testing With Nessus
January 5, 2007On January 3rd, 2007, Tenable's research group released a NASL script (plugin #23971, currently available to Direct Feed and Security Center customers) to test if a scanned host is on a different logi...
Enumerating Corporate Data
January 4, 2007Many Tenable customers and Nessus users have asked us for recommended strategies to discover where sensitive information is placed on the network. Often, organizations have segregated networks to sepa...
More on "Never Before Seen" Log Events
January 3, 2007This entry concerns more information and analysis of output from the "Never Before Seen" TASL script for the Log Correlation Engine (LCE). We've had the script running at several customer lo...
Security Center 3.2 Report Templates
January 3, 2007Note: Tenable SecurityCenter is now Tenable.sc. To learn more about this application and its latest capabilities, visit the Tenable.sc web page. One of the new features of Security Center 3.2 i...
Passive Vulnerability Scanner 3.0 Released
January 2, 2007Tenable Network Security has released version 3.0 of the Passive Vulnerability Scanner (PVS). This version supports realtime vulnerability alerting, enables monitoring of corporate networks for data l...
Security Center 3.2 Released
January 2, 2007Note: Tenable SecurityCenter is now Tenable.sc. To learn more about this application and its latest capabilities, visit the Tenable.sc web page. Tenable has released version 3.2 of the Security...
More Flexible Assessments of Windows ACLs
December 30, 2006Tenable recently increased the flexibility of performing configuration assessments of Windows  access control lists (ACLs) with the Nessus compliance checks. Previously, an ACL policy could only...
Updated Black-list Correlation
December 28, 2006Tenable's research group has recently expanded support for "Black Lists" within the Log Correlation Engine. These new features include enhanced log parsing to identify specific black-list so...
Finding Events that have "Never Been Seen" Before
December 26, 2006A useful event to know about on any network is when something new happens on a given server for the first time. This is a very simple concept and extremely useful. Regardless if your event logs are f...
Dale Peterson of Digital Bond Interview
December 20, 2006Dale Peterson is the CEO and founder of Digital Bond, a research and consulting practice which specializes in IT and Control Systems security. Digital Bond recently completed research on behalf of Ten...
Detecting Compromised Windows Hosts
December 19, 2006Tenable recently added a credentialed Windows check (Nessus ID #23910) to find systems that have been infected by certain viruses. The check considers the contents of the file: SYSTEM32\Drivers\etc\H...